Skip to content

http: logs custom headers in a subobject#8672

Closed
catenacyber wants to merge 1 commit into
OISF:masterfrom
catenacyber:http-customlog-5320-v6
Closed

http: logs custom headers in a subobject#8672
catenacyber wants to merge 1 commit into
OISF:masterfrom
catenacyber:http-customlog-5320-v6

Conversation

@catenacyber
Copy link
Copy Markdown
Contributor

@catenacyber catenacyber commented Apr 3, 2023

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/5320

Describe changes:

  • http: logs custom headers in a subobject

To avoid collisions, for instance for content_range

With this PR, the output will be

    "content_range": {
      "raw": "bytes 10-20/69",
      "start": 10,
      "end": 20,
      "size": 69
    },
    "response_headers": [
      {
        "name": "Content-Range",
        "value": "bytes 10-20/69"
      }
    ]

instead of

    "content_range": {
      "raw": "bytes 10-20/69",
      "start": 10,
      "end": 20,
      "size": 69
    },
   "content_range": "bytes 10-20/69"

response_headers is already used with the config option dump-all-headers

suricata-verify-pr: 1026

Replaces #8268 with rebase fixing compilation (SCLogWarning using string directly)

@catenacyber
http: logs custom headers in a subobject
b42b85f 
This subobject is request_headers or response_headers

This especially avoids json keys collisions.

Ticket: OISF#5320

Also fixes typo referrer/referer
@catenacyber catenacyber mentioned this pull request Apr 3, 2023
Closed
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 3, 2023

Codecov Report

Merging #8672 (b42b85f) into master (418ddba) will increase coverage by 0.08%.
The diff coverage is 88.88%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #8672      +/-   ##
==========================================
+ Coverage   81.78%   81.87%   +0.08%     
==========================================
  Files         968      968              
  Lines      279008   279000       -8     
==========================================
+ Hits       228195   228424     +229     
+ Misses      50813    50576     -237
Flag Coverage Δ
fuzzcorpus 64.22% <52.77%> (+0.20%) ⬆️
suricata-verify 59.81% <88.88%> (+0.01%) ⬆️
unittests 63.23% <0.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link
Copy Markdown

suricata-qa commented Apr 4, 2023

WARNING:

field baseline test %
SURI_TLPW1_stats_chk
.tcp.rst 113181 144988 128.1%

Pipeline 12996

jasonish
jasonish reviewed Apr 11, 2023
View reviewed changes
Comment thread src/output-json-http.c
size_t n = htp_table_size(headers);
JsonBuilderMark mark = { 0, 0, 0 };
jb_get_mark(js, &mark);
bool arrayHasOneElem = false;
Copy link
Copy Markdown
Member

@jasonish jasonish Apr 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not really our variable naming convention.

Copy link
Copy Markdown
Contributor Author

@catenacyber catenacyber Apr 12, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replacing with what I found here https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Coding_Style#Names

@catenacyber catenacyber mentioned this pull request Apr 12, 2023
Closed
@catenacyber
Copy link
Copy Markdown
Contributor Author

catenacyber commented Apr 12, 2023

Replaced by #8714

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasonish jasonish jasonish left review comments

@jufajardini jufajardini Awaiting requested review from jufajardini

@victorjulien victorjulien Awaiting requested review from victorjulien

Assignees

@jasonish jasonish

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@catenacyber @suricata-qa @jasonish